TSQLite3Connection, Password field

[LemonParty]

Hello.
If I previously set up some password, how can I change it later?

[Thaddy]

You don't store the password, but you store its hash...Everybody knows that.
You  should offer a recovery interface and delete the old hash and create a new one from the new password..
That is because you can't get the password back from the hash. You can not decrypt a hash.
Verification is by comparing hashes not passwords.

If there is an information leak, you don't leak passwords but pretty meaningless hashes.
In principle this has nothing to do with the database, but with the userinterface.
This is not SQLite3 specific.
In SQLite3 you can you a user defined function to hash the password and compare the hashes.
In other databases one usually writes a stored procedure for that.

I have a unit for Windows and Linux for that. Must update it a bit for BCrypt and newer OpenSSL.
Interface is simple:

Code: Pascal  [Select][+][-]

1. function HashPassword(const password: string): string;cdecl;
2. function CheckPassword(const entered_password: string; const stored_hash: string): Boolean;cdecl;

Both can be massaged into a UDF.

I will attach it when I have updated it.

[LemonParty]

My question is about a bit different situation. What if I created a database with one password and then I want encrypt database with different password? Should I create a new database in this case (and do a copy by myself)?

[jcmontherock]

See:
https://forum.lazarus.freepascal.org/index.php?topic=25124.0
You have an example at topic #12.

[LemonParty]

Thank you for help.
This command do the thing:

Code: Pascal  [Select][+][-]

1. SQLite3Connection1.ExecuteDirect('PRAGMA rekey = "' + txtNew.Text + '";');